[lug] Letting folks pay from the web.
Nate Duehr
nate at natetech.com
Tue Feb 2 14:38:51 MST 2010
On 2/2/2010 2:11 PM, Maxwell Spangler wrote:
>
> The whole experience was one that made me far less comfortable about
> where my credit card number goes even when given to reputable
> businesses. I'm glad there are professionals like the posters on this
> list that get it and glad we have laws to protect consumers from people
> who don't get it and allow their systems to operate insecurely.
>
I've noticed businesses seem to have gotten lax about checking signature
on the back, via a photo ID again lately anyway. I think my card has
been checked about 1 time out of 10 for the last 20 times I've used it.
I used to make a fuss over it, now I've just given up. The $10/hr clerk
behind the register has nothing to lose if someone steals their credit
cards - they carry balances and are in debt up to their eyeballs, just
going by the law of averages...
The small time crooks can just steal my wallet. ;-)
Pretty sure (sadly) the reason they don't allow local storage is to
protect the data from the businesses' EMPLOYEES, which is far more
common a vector of attack than someone who just wants to buy some
gas/food/whatever with a stolen card.
Bored/underpaid/underappreciated/crazy employees hacking the cash
register when the boss/owner isn't around... the same ones who don't
check my signature. ;-)
Nate
More information about the LUG
mailing list